IN THE CLAIMS: 

Please amend the claims as set forth below. 

1-2 (Cancelled). 

3. (New) A method comprising: 

defining a global address space identifying a plurality of internet protocol (IP) 
addresses that are reserved for use in one or more virtual network 
environments, wherein each virtual network environment includes one or 
more of the plurality of IP addresses; 

assigning a first IP address of the plurality of IP addresses to a first application; 

assigning a second IP address of the plurality of IP addresses to a second 
application; and 

if the first application is to be isolated from the second application, including the 
first IP address in a first virtual network environment and including the 
second IP address in a second virtual network environment different from 
the first virtual network environment. 

4. (New) The method as recited in claim 3 further comprising, if the first application is to 
be permitted to communicate with the second application, including the first IP address 
and the second IP address in a same virtual network environment. 

5. (New) The method as recited in claim 3 wherein the first IP address is a virtual IP 
address. 

6. (New) The method as recited in claim 3 wherein the first IP address is a physical IP 
address of a computer on which the first application is executing. 



3 



7. (New) The method as recited in claim 3 wherein defining the global address space 
comprises specifying a global subnet and a global netmask that encompass the plurality 
of IP addresses. 

8. (New) The method as recited in claim 7 wherein the plurality of IP addresses are 
virtual 

9. (New) The method as recited in claim 7 further comprising associating the global 
subnet and global netmask with the first application and the second application. 

10. (New) The method as recited in claim 9 further comprising associating a second 
subnet and a second netmask with the first application, the second subnet and the second 
netmask defining the first virtual network environment. 

1 1 . (New) The method as recited in claim 9 wherein the global subnet, the global 
netmask, the second subnet, and the second netmask are parameters of a process state of 
the first application. 

12. (New) The method as recited in claim 3 further comprising: 

the first application initiating a communication to a third IP address; and 

if the third IP address is not in the global address space, permitting the 
communication. 

13. (New) The method as recited in claim 12 further comprising, if the third IP address is 
in the global address space and also within a same virtual network environment as the 
first IP address, permitting the communication. 
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14. (New) The method as recited in claim 12 further comprising, if the third IP address is 
in the global address space and not within a same virtual network environment as the first 
IP address, preventing the communication. 

15. (New) A computer readable medium storing a plurality of instructions which, when 
executed, implement a method comprising: 

defining a global address space identifying a plurality of internet protocol (IP) 
addresses that are reserved for use in one or more virtual network 
environments, wherein each virtual network environment includes one or 
more of the plurality of IP addresses; 

assigning a first IP address of the plurality of IP addresses to a first application; 

assigning a second IP address of the plurality of IP addresses to a second 
application; and 

if the first application is to be isolated from the second application, including the 
first IP address in a first virtual network environment and including the 
second IP address in a second virtual network environment different from 
the first virtual network environment. 

16. (New) The computer readable medium as recited in claim 15 wherein the method 
further comprises, if the first application is to be permitted to communicate with the 
second application, including the first IP address and the second IP address in a same 
virtual network environment. 

17. (New) The computer readable medium as recited in claim 15 wherein the first IP 
address is a virtual IP address. 
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18. (New) The computer readable medium as recited in claim 15 wherein the first IP 
address is a physical DP address of a computer on which the first application is executing. 

19. (New) The computer readable medium as recited in claim 15 wherein defining the 
global address space comprises specifying a global subnet and a global netmask that 
encompass the plurality of IP addresses. 

20. (New) The computer readable medium as recited in claim 19 wherein the plurality of 
IP addresses are virtual. 

21. (New) The computer readable medium as recited in claim 19 wherein the method 
further comprises associating the global subnet and global netmask with the first 
application and the second application. 

22. (New) The computer readable medium as recited in claim 21 wherein the method 
further comprises associating a second subnet and a second netmask with the first 
application, the second subnet and the second netmask defining the first virtual network 
environment. 

23. (New) The computer readable medium as recited in claim 21 wherein the global 
subnet, the global netmask, the second subnet, and the second netmask are parameters of 
a process state of the first application. 

24. (New) The computer readable medium as recited in claim 15 wherein the method 
further comprises: 

in response to the first application initiating a communication to a third IP 
address; and 

if the third IP address is not in the global address space, permitting the 
communication. 
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25. (New) The computer readable medium as recited in claim 24 wherein the method 
further comprises, if the third IP address is in the global address space and also within a 
same virtual network environment as the first IP address, permitting the communication. 

26. (New) The computer readable medium as recited in claim 24 wherein the method 
further comprises, if the third IP address is in the global address space and not within a 
same virtual network environment as the first IP address, preventing the communication. 

27. (New) A system comprising a plurality of computers coupled in a network, wherein 
at least one of the computers comprises a computer readable medium storing a plurality 
of instructions which, when executed, implement a method comprising: 

defining a global address space identifying a plurality of internet protocol (IP) 
addresses that are reserved for use in one or more virtual network 
environments, wherein each virtual network environment includes one or 
more of the plurality of IP addresses; 

assigning a first IP address of the plurality of IP addresses to a first application; 

assigning a second IP address of the plurality of IP addresses to a second 
application; and 

if the first application is to be isolated from the second application, including the 
first IP address in a first virtual network environment and including the 
second IP address in a second virtual network environment different from 
the first virtual network environment. 

28. (New) The system as recited in claim 27 wherein the method further comprises, if the 
first application is to be permitted to communicate with the second application, including 
the first IP address and the second DP address in a same virtual network environment. 
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29. (New) The system as recited in claim 27 wherein the first IP address is a virtual IP 
address. 

30. (New) The system as recited in claim 27 wherein the first IP address is a physical IP 
address of one of the plurality of computers on which the first application is executing. 

31. (New) The system as recited in claim 27 wherein defining the global address space 
comprises specifying a global subnet and a global netmask that encompass the plurality 
of IP addresses. 

32. (New) The system as recited in claim 3 1 wherein the plurality of IP addresses are 
virtual. 

33. (New) The system as recited in claim 31 wherein the method further comprises 
associating the global subnet and global netmask with the first application and the second 
application. 

34. (New) The system as recited in claim 33 wherein the method further comprises 
associating a second subnet and a second netmask with the first application, the second 
subnet and the second netmask defining the first virtual network environment. 

35. (New) The system as recited in claim 33 wherein the global subnet, the global 
netmask, the second subnet, and the second netmask are parameters of a process state of 
the first application. 

36. (New) The system as recited in claim 27 wherein the method further comprises: 

in response to the first application initiating a communication to a third IP 
address; and 
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if the third IP address is not in the global address space, permitting the 
communication. 

37. (New) The system as recited in claim 36 wherein the method further comprises, if the 
third IP address is in the global address space and also within a same virtual network 
environment as the first IP address, permitting the communication. 

38. (New) The system as recited in claim 36 wherein the method further comprises, if the 
third IP address is in the global address space and not within a same virtual network 
environment as the first IP address, preventing the communication. 
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